I have a CMS that its administrator must use it to insert some website gadgets written in JavaScript to its database MySQL. I've used PDO for this, but it puts back slashes before all quotation marks (When I run the project on the internet). So codes appear like this in the source:
<script type=\"text/javascript\" src=\"something.js\"></script>
Therefore, nothing will be shown in the page. Wheras this back slashes don't be applied when I test the application locally, and I'm able to see these gadgets in the page.
Actually, I have same codes that acts in different manners on different locations (Local and Remote). What's the problem?
This is my code:
try
{
$db = new PDO("mysql:host=$hostname;dbname=dbdirectory", $username, $password, array(PDO::ATTR_PERSISTENT => true));
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_BOTH);
}
catch(PDOException $e)
{
echo $e->getMessage();
}
$title = $_POST['title'];
$code = $_POST['code'];
$sql = "INSERT INTO tbl_services (title,code) VALUES (?,?)";
$q = $db->prepare($sql);
$q->execute(array($title,$code));
